feat: add logile option

2022-09-19 16:45:34 +02:00 · 2022-09-19 16:45:34 +02:00 · 038924e2e5
parent 1664e1c333
commit 038924e2e5
4 changed files with 35 additions and 36 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -2,6 +2,8 @@
 sudo_packages:
  - sudo

+sudo_logfile: /var/log/sudo.log
+
 sudo_misc_settings:
  - "!visiblepw"
  - always_set_home
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,2 +1,33 @@
 ---
- include_tasks: setup.yml
+- block:
+    - name: Install requirements
+      package:
+        name: "{{ item }}"
+        state: present
+      loop: "{{ sudo_packages }}"
+
+    - name: Add base sudo config
+      template:
+        src: etc/sudoers.j2
+        dest: /etc/sudoers
+        owner: root
+        group: root
+        mode: 0440
+        validate: "/usr/sbin/visudo -cf %s"
+
+    - name: Add config files to sudoers.d
+      template:
+        src: etc/sudoers.d/sudo_ext.j2
+        dest: "/etc/sudoers.d/{{ item.name }}"
+        owner: root
+        group: root
+        mode: 0440
+        validate: "/usr/sbin/visudo -cf %s"
+      loop: "{{ sudo_aliases }}"
+      loop_control:
+        label: "{{ item.name }}"
+      when:
+        - sudo_aliases is defined
+        - item.user_aliases is defined
+  become: True
+  become_user: root
--- a/tasks/setup.yml
+++ b/tasks/setup.yml
@ -1,33 +0,0 @@
---
- block:
-    - name: Install requirements
-      package:
-        name: "{{ item }}"
-        state: present
-      loop: "{{ sudo_packages }}"
-
-    - name: Add base sudo config
-      template:
-        src: etc/sudoers.j2
-        dest: /etc/sudoers
-        owner: root
-        group: root
-        mode: 0440
-        validate: "/usr/sbin/visudo -cf %s"
-
-    - name: Add config files to sudoers.d
-      template:
-        src: etc/sudoers.d/sudo_ext.j2
-        dest: "/etc/sudoers.d/{{ item.name }}"
-        owner: root
-        group: root
-        mode: 0440
-        validate: "/usr/sbin/visudo -cf %s"
-      loop: "{{ sudo_aliases }}"
-      loop_control:
-        label: "{{ item.name }}"
-      when:
-        - sudo_aliases is defined
-        - item.user_aliases is defined
-  become: True
-  become_user: root
--- a/templates/etc/sudoers.j2
+++ b/templates/etc/sudoers.j2
@ -5,14 +5,13 @@
 Defaults    {{ item }}
 {% endfor %}
 {% endif %}
-
 {% if sudo_env_keep -%}
 Defaults    env_keep = "{{ sudo_env_keep|join(' ') }}"
 {% endif %}
-
 {% if sudo_secure_path -%}
 Defaults    secure_path = "{{ sudo_secure_path }}"
 {% endif %}
+Defaults    logfile = {{ sudo_logfile }}

 ## Allow root to run any commands anywhere
 root    ALL=(ALL)   ALL